Lucene search
K

279 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2011-4109

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509VFLAGPOLICYCHECK is enabled, allows remote attackers to have an unspecified impact by...

9.3CVSS8.3AI score0.17687EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/14 12:0 a.m.103 views

Oracle Linux 8 : nodejs:20 (ELSA-2025-1351)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-1351 advisory. - Update to version 20.18.2 Fixes: CVE-2025-23083 CVE-2025-23085 CVE-2025-22150 Resolves: RHEL-76001 RHEL-76146 - Update to 20.16.0 Fixes: CVE-2024-361...

9.8CVSS7.3AI score0.99999EPSS
Exploits41References4
RedhatCVE
RedhatCVE
added 2025/02/04 10:23 p.m.6 views

CVE-2024-53850

The Addressing GLPI plugin enables you to create IP reports for visualize IP addresses used and free on a given network.. Starting with 3.0.0 and before 3.0.3, a poor security check allows an unauthenticated attacker to determine whether data exists by name in GLPI...

8.2CVSS7.1AI score0.00502EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/14 2:8 p.m.34 views

CVE-2023-46715

An origin validation error CWE-346 vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP addressing to send but not receive packets spoofing the IP of another user via crafted network packets...

5CVSS0.00913EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/01/09 12:0 a.m.6 views

The vulnerability of the Addressing system’s plugin for requests, incidents, and inventory management of computer equipment in GLPI arises from the use of an external controlled input for selecting classes or codes. This allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the addressing plugin in the GLPI system for managing requests, incidents, and inventory of computer equipment is related to the use of an external controlled input for selecting classes or codes. Exploiting this vulnerability can allow a malicious actor to gain unauthorized...

8.5CVSS5.5AI score0.00502EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2024/12/27 2:15 p.m.2 views

DEBIAN-CVE-2024-53188

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix crash when unbinding If there is an error during some initialization related to firmware, the function ath12kdpcccleanup is called to release resources. However this is released again when the device is unbinded...

5.5CVSS5.6AI score0.00228EPSS
Exploits0References1
CVE
CVE
added 2024/12/26 9:41 p.m.56 views

CVE-2024-53850

The CVE-2024-53850 entry maps to the Addressing GLPI plugin vulnerability. The connected PT-2024-9988 advisory specifies affected versions 3.0.0 through 3.0.3 and attributes the issue to a poor security check that allows an unauthenticated attacker to determine whether data exists by name in GLPI...

8.2CVSS7.2AI score0.00502EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/12/26 9:41 p.m.8 views

CVE-2024-53850 The Addressing GLPI plugin allows data enumeration through uncontrolled object instantiation

The Addressing GLPI plugin enables you to create IP reports for visualize IP addresses used and free on a given network.. Starting with 3.0.0 and before 3.0.3, a poor security check allows an unauthenticated attacker to determine whether data exists by name in GLPI...

8.2CVSS7.3AI score0.00502EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/26 9:41 p.m.18 views

CVE-2024-53850 The Addressing GLPI plugin allows data enumeration through uncontrolled object instantiation

The Addressing GLPI plugin enables you to create IP reports for visualize IP addresses used and free on a given network.. Starting with 3.0.0 and before 3.0.3, a poor security check allows an unauthenticated attacker to determine whether data exists by name in GLPI...

8.2CVSS0.00502EPSS
Exploits0References2
OSV
OSV
added 2024/12/26 9:41 p.m.7 views

CVE-2024-53850 The Addressing GLPI plugin allows data enumeration through uncontrolled object instantiation

The Addressing GLPI plugin enables you to create IP reports for visualize IP addresses used and free on a given network.. Starting with 3.0.0 and before 3.0.3, a poor security check allows an unauthenticated attacker to determine whether data exists by name in GLPI...

8.2CVSS6.9AI score0.00502EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/12/06 12:0 a.m.9 views

PT-2025-8786

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version Description A vulnerability in the Linux kernel has been identified, specifically in the powerpc/pseries/iommu module. The issue arises when the Power Hypervisor allocates an MMIO window that...

5.5CVSS6.9AI score0.00206EPSS
Exploits0
Oracle linux
Oracle linux
added 2024/11/27 12:0 a.m.24 views

perl-App-cpanminus:1.7044 security update

perl-App-cpanminus 1.7044-6 - Patch the code to use https instead of http CVE-2024-45321 perl-CPAN-DistnameInfo perl-CPAN-Meta-Check perl-File-pushd perl-Module-CPANfile perl-Parse-PMFile perl-String-ShellQuote perl-App-cpanminus 1.7044-6 - Patch the code to use https instead of http CVE-2024-453...

8.1CVSS7AI score0.00737EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2024/11/22 12:0 a.m.3 views

PT-2024-9988 · Glpi · Addressing Glpi Plugin

Name of the Vulnerable Software and Affected Versions: Addressing GLPI plugin versions 3.0.0 through 3.0.3 Description: The issue is related to a poor security check in the Addressing GLPI plugin, which allows an unauthenticated attacker to determine whether data exists by name in GLPI. This can...

8.5CVSS7AI score0.00502EPSS
Exploits0References9
NVD
NVD
added 2024/11/15 11:15 p.m.24 views

CVE-2024-11263

When the Global Pointer GP relative addressing is enabled CONFIGRISCVGP=y, the gp reg points at 0x800 bytes past the start of the .sdata section which is then used by the linker to relax accesses to global symbols...

9.3CVSS0.00164EPSS
Exploits0References1
CVE
CVE
added 2024/11/15 10:53 p.m.72 views

CVE-2024-11263

CVE-2024-11263 concerns RISCV GP relative addressing when CONFIG_RISCV_GP=y. The gp register is reported to point 0x800 bytes past the start of the .sdata section, which the linker uses to relax accesses to global symbols. Across the connected documents, the issue is described with this root caus...

9.3CVSS9.3AI score0.00164EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/11/15 12:0 a.m.3 views

Zephyr 安全漏洞

Zephyr is an extensible real-time operating system RTOS that is open-sourced by Zephyr. A security vulnerability exists in Zephyr version 3.7.0 and prior versions, which stems from a gp reg pointing to the 0x800 byte at the beginning of the .sdata section when Global Pointer GP Relative Addressin...

9.3CVSS6.7AI score0.00164EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/15 12:0 a.m.5 views

PT-2024-16871 · Risc-V · Risc-V

Name of the Vulnerable Software and Affected Versions: RISC-V affected versions not specified Description: The issue concerns the Global Pointer GP relative addressing when enabled CONFIG RISCV GP=y. In this configuration, the gp register points 0x800 bytes past the start of the .sdata section,...

9.3CVSS6.9AI score0.00164EPSS
Exploits0References8
Oracle linux
Oracle linux
added 2024/11/13 12:0 a.m.20 views

cups-filters security update

1.0.35-29.0.3 - Unsupport cups-browsed service - CVE-2024-47076, CVE-2024-47175, CVE-2024-47176 Orabug: 37217141...

8.6CVSS7.3AI score0.76959EPSS
Exploits16
RedHat Linux
RedHat Linux
added 2024/09/24 12:40 a.m.25 views

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as...

8.1CVSS7.5AI score0.01305EPSS
Exploits1References4
OSV
OSV
added 2024/08/21 6:10 a.m.13 views

CVE-2023-52910 iommu/iova: Fix alloc iova overflows issue

In the Linux kernel, the following vulnerability has been resolved: iommu/iova: Fix alloc iova overflows issue In allocandinsertiovarange, there is an issue that retrypfn overflows. The value of iovad-anchor.pfnhi is 0UL, then when iovad-cachednode is iovad-anchor, curriova-pfnhi + 1 will overflo...

5.5CVSS6.1AI score0.00236EPSS
Exploits0References6
Rows per page
Query Builder